OttoKit插件曝高危漏洞遭快速利用
WordPress插件OttoKit(原SureTriggers)发现高危身份验证绕过漏洞(CVE-2025-3102),影响1.0.78及之前版本,可导致攻击者创建管理员账户并完全接管网站。
值得注意的是,该漏洞细节在公开披露仅数小时后,便已被黑客积极利用进行攻击。官方已发布修复版本1.0.79,强烈建议用户立即升级并检查是否存在异常管理员账户。
Bleeping Computer
📮投稿 ☘️频道 🌸聊天
BY 科技圈🎗在花频道📮
Mr. Durov launched Telegram in late 2013 with his brother, Nikolai, just months before he was pushed out of VK, the Russian social-media platform he founded. Mr. Durov pitched his new app—funded with the proceeds from the VK sale—less as a business than as a way for people to send messages while avoiding government surveillance and censorship.
Telegram has exploded as a hub for cybercriminals looking to buy, sell and share stolen data and hacking tools, new research shows, as the messaging app emerges as an alternative to the dark web.An investigation by cyber intelligence group Cyberint, together with the Financial Times, found a ballooning network of hackers sharing data leaks on the popular messaging platform, sometimes in channels with tens of thousands of subscribers, lured by its ease of use and light-touch moderation.在花软件新闻投稿频道 from us